EXETOOLS FORUM  

  #1  
Old 01-05-2019, 09:19
deepzero
NSA will release some sort of advanced IDA reversing tool in March

NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA.


https://www.rsaconference.com/events/us19/agenda/sessions/16608-come-get-your-free-nsa-reverse-engineering-tool
  #2  
Old 01-06-2019, 01:49
WhoCares
wow.

Is it more powerful than IDA?
__________________
AKA Solomon/blowfish.
  #3  
Old 01-06-2019, 02:25
Roy25

Quote:
Originally Posted by WhoCares View Post
wow.

Is it more powerful than IDA?
If it is "released for free public use".. then I wish it is
  #4  
Old 01-06-2019, 13:32
atom0s
Will be interesting to see how it competes with IDA and BinaryNinja. Given that it is free, if it can give those a run for their money, it could be a good thing and we could see the prices of the other two go down to compete. But, given that it is made by the NSA, there isn't much really pushing for their tool to be anything amazing and there are already worries of trust and what the tool will include in terms of phone-home like telemetry.
__________________
No longer active on this site/forum much. If you need to contact me, you can find me on my personal site here: https://atom0s.com/forums/
  #5  
Old 01-06-2019, 16:05
qzr
Some spoilers could be found on WikiLeaks: https://search.wikileaks.org/?q=Ghidra
  #6  
Old 01-07-2019, 03:14
nikkapedd
Some code tools are now free from NSA
Code:
https://code.nsa.gov/
  #7  
Old 01-07-2019, 07:43
chants
Is this an old resource or just to save face in wake of the leaks?
  #8  
Old 01-07-2019, 10:07
atom0s
The tool has leaked before, but this is a recent announcement that they plan to fully release it from what the various articles have mentioned. The tool was part of some of the WikiLeaks dumps in the past and you can get it already and compile it yourself if you wanted to though.
  #9  
Old 01-07-2019, 23:49
SockPuppet
Quote:
Originally Posted by atom0s View Post
The tool has leaked before, but this is a recent announcement that they plan to fully release it from what the various articles have mentioned. The tool was part of some of the WikiLeaks dumps in the past and you can get it already and compile it yourself if you wanted to though.
Any links to the leaks? Google not very helpful with this.
  #10  
Old 01-08-2019, 10:39
chants
Any comments about the quality of the decompiler?
  #11  
Old 01-08-2019, 13:37
atom0s
Quote:
Originally Posted by SockPuppet View Post
Any links to the leaks? Google not very helpful with this.
For full results on Wikileaks:
https://search.wikileaks.org/?q=Ghidra

More specific ones with actual info:
https://wikileaks.org/ciav7p1/cms/page_11628795.html
https://wikileaks.org/ciav7p1/cms/page_51183656.html

There are leaks around the web still that have the Vault 7 files and such, some were uploaded to GitHub and similar. But they are all still findable on Google.
  #12  
Old 01-08-2019, 18:45
Mendax47
There is an actual download link on WikiLeaks but can't access that site

"The Ghidra packages are available on DEVLAN @ \\fs-01.devlan.net\share\NSA\Ghidra"
  #13  
Old 01-09-2019, 04:15
chants
That site is probably internally accessible only and a honeypot from the outside so be careful.
  #14  
Old 01-12-2019, 01:08
contactmebyhere
I heard somewhere that the NSA tool was useful to defeat (at least a part of) the Themida protector. I hope their source code will help our community.
I'll never run their jar
  #15  
Old 01-12-2019, 19:21
chants
I can't imagine it will be a full-fledged decompiler which beats hex-rays in its current incarnation though. From what I have seen it looks like just another advanced disassembly tool with some basic decompilation tricks.

But did anyone notice how chessgod101 mysteriously deleted his post after I called it out as an obvious honeypot?